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FILE TABLE COPY PROTECTION FOR A STORAGE DEVICE 
WHEN STORING STREAMING CONTENT 

DESCRIPTION 

BACKGROUND OF THE INVENTION 

5 Field of the Invention 

The present invention generally relates to 
transmission and presentation of broadcast digital 
video and audio program content and, more 
particularly, to protection of such data stored in a 
10 set-top box (STB) or mass storage device connectable 

thereto from unauthorized access. 

Description of the Prior Art 

Since its invention, television has been 
recognized to have great economic and social 

15 potential. At the present time, when wide bandwidth 

transmission systems such as coaxial cable systems 
are becoming relatively ubiquitous, much of the 
economic and social potential derives from the 
variety of programming or other information which 

20 can be provided to users and the willingness of 

users to pay for access to particular information, 
such as pay-per-view movies at a time convenient to 
them. 

While coaxial cable distribution systems 
25 provide very substantial numbers of choices of 

information available as well as some capacity for 
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so-called upstream signalling and even Internet 
communications of increased speed relative to 
telephone/modem arrangements, there is increased 
demand for wider variety and flexibility of 
5 programming which can only be provided, at the 

present state of the art, through digital 
communications using extremely broad band 
transmission media such as microwave, satellite and 
fiber optic links. 
10 Even with these broad band communication media, 

the required capacity, the volume and variety of 
data contained in common programming requires 
*S extreme compression to support the number of 

'SET 

In separate communications which may be required to be 

15 transmitted over a communication link of finite 

q although substantial capacity. Accordingly, a 

CP compression convention referred to as MPEG (Motion 

Picture Experts Group has been promulgated in 
B several versions (e.g. MPEG-2) and has become an 

:?[ 20 industry standard. This standard is extremely 

ifi flexible and adaptive to transmission content to 

O allow extreme compression and is largely compatible 

^ with error recovery and hiding arrangements which 

support acceptable video and audio playback even 
25 though the digital transmission medium is considered 

"lossy" and reception of data with missing or 
corrupted segments or packets is a common 
occurrence. 

In order to implement this compression 
30 convention and recover decompressed data after 

transmission, a so-called "set-top box" (STB) has 
been developed and, at the current time, has a well- 
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established architecture. The processing of which 
the STB is capable is, of course, very substantial 
since MPEG compression or any other type of digital 
video transmission must be very complex and must be 
5 performed reliably within a short period of time in 

order to present a potentially changing display 
without interruption. Generally, very little 
storage is provided for the audio and/ or video 
signal in a STB for the simple reason that the 

10 signal usually must be used for display within a 

very short time after receipt. 

However, public familiarity with the functions 
of video cassette recorders (VCRs) is increasingly 
leading to a demand for substantial storage to be 

15 provided within the STB and for further storage on 

an outboard mass storage device such as a hard disk 
drive or compact disk recorder/playback device 
together with user controls over playback and 
recording similar to those provided by VCRs. The 

20 MPEG STB architecture provides for such storage in 

an encoded and compressed digital form to limit the 
data storage capacity required with decompression 
and decoding upon playback. Storage in digital form 
also allows such storage to be performed with no 

25 increased loss of video or audio fidelity. 

Additionally, user demand for specialized 
features and image enhancement has required 
substantially increased complexity beyond the 
demands of MPEG processing. For example, a separate 

3 0 microprocessor and substantial memory is generally 
included and dedicated to provide user-definable 
functions such as overlays, picture-in-picture 
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displays, graphics overlays and other image 
manipulations. This additional hardware complexity 
has pushed the cost of the STB close to the limit of 
consumer acceptance and economic viability. 
5 Therefore, additional functions may only be included 

if they can be implemented very economically with 
little additional hardware and without use of the 
additional dedicated microprocessor. 

To protect the value of data distributed over 

10 such a system, it is desired to protect selected 

data from unauthorized access. This is generally 
done at the current state of the art by encryption 
of the data. This encryption requires considerable 
data manipulation under severe and critical time 

15 constraints as well as additional storage and secure 

handling of encryption keys that must be shared 
between devices when data is sourced from one device 
and played back on another as would generally be the 
case when the data is transmitted in encrypted form 

20 and decrypted and played back on another device such 

as a STB corresponding to an authorized access. 
This is also the case where an unauthorized 
recording could be made from an authorized STB that 
would generally be created for the purpose of 

25 playback on another STB or other apparatus. 

Accordingly, data recorded in or through a STB must 
be recorded in an encrypted form and decrypted 
during playback; increasing the processing burden to 
present the data (especially video) in the 

3 0 appropriate original time sequence. 

At the present state of the art, no arrangement 
or technique has been suggested for providing 
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encrypted storage with a reduced number of keys that 
reduces storage space and data manipulation 
requirements and remains effective to prevent 
unauthorized duplication of data from the STB. In 
5 this regard, copying of data as recorded in or 

through the STB can be rapidly performed relative to 
copying the decoded and decrypted audio and video 
signals on, for example, a video cassette recorder 
(VCR) . (While some forms of copy protection exist 

10 to prevent copying of video programming on VCRs, no 

similar protection exists against copying the 
"clean" (although encoded and compressed) digital 
signals present at the level of STB storage.) 
Further, the digital storage of the STB allows 

15 rapid storage of multiple generations of copies of 

identical quality. Therefore, prevention of copying 
from a STB for playback on another STB or other 
device of similar functionality (e.g. a suitably 
programmed personal computer) is of substantially 

20 greater importance than preventing dubbing of video 

cassettes . 
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SUMMARY OF THE INVENTION 

It is therefore an object of the present 
invention to provide an encryption technique 
compatible with digital audio and video transmission 
5 and reception and STB architectures allowing reduced 

data manipulation while providing storage in 
encrypted form in limited storage hardware. 

It is another object of the invention to 
provide encryption with a single key or limited 
10 number of keys that can be securely handled in a 

simple manner and allows playback on an authorized 
% STB while preventing playback on different devices. 

| : fi It is a further object of the invention to 

jtl provide effective protection of digitally 

p 15 transmitted data compatible with digital audio/video 

standards and STB architectures which can be 
J" implemented with very little additional hardware in 

D a STB. 

r! In order to accomplish these and other objects 

y 20 of the invention, a method of encryption of a data 

O file transmitted to or from a mass storage device 

such as a hard disk drive is provided having steps 
of defining a write order of data blocks of a data 
file to non-sequential storage locations of a mass 
25 memory in accordance with a first key and allocating 

corresponding sectors in a file allocation table in 
accordance with a second key, storing the data 
blocks in memory in accordance with the write order 
and updating the file allocation table, encrypting 
30 the file allocation table with a third key, forming 

an encrypted file allocation table, and storing the 
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encrypted file allocation table to the mass memory. 

In accordance with another aspect of the 
invention, a decoder for receiving a data file is 
provided including an arrangement for defining a 
5 write order of data blocks to non-sequential storage 

locations of a mass memory in accordance with a 
first key and allocating corresponding sectors in a 
file allocation table in accordance with a second 
key, an arrangement for storing the data blocks in 
10 memory in accordance with the write order and 

updating the file allocation table, an arrangement 
for encrypting the file allocation table with a 
third key, forming an encrypted file allocation 
fj] table, and an arrangement for storing the encrypted 

]** 15 file allocation table to the mass memory, 

jg Thus, in accordance with the invention, the 

S!H order of the data blocks is virtually scrambled 

" ? while the data within the data block remains intact, 

it! 

Q greatly reducing decryption processing during 

*** 20 playback or reading of the data file. However, the 

II : I order of the data blocks cannot be restored to 

O reassemble the data file to a usable form without 

^ decryption of the file allocation table and 

effective copy protection is thus provided while 
25 avoiding a need for authentication of a user since 

the key(s) may be maintained internal to the 

decoder. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

The foregoing and other objects, aspects and 
advantages will be better understood from the 
following detailed description of a preferred 
embodiment of the invention with reference to the 
drawings, in which: 

Figure 1 is a high-level block diagram of an 
digital audio/ video STB architecture, 

Figure 2 illustrates an exemplary memory queue 
as stored in or through a STB such as that 
schematically depicted in Figure 1, 

Figure 3 is a flow chart illustrating operation 
of the invention, and 

Figure 4 illustrates blocks of data containing 
continuous program content which are encrypted in 
accordance with Figure 3, 
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DETAILED DESCRIPTION OF A PREFERRED 
EMBODIMENT OF THE INVENTION 

Referring now to the drawings, and more 
particularly to Figure 1, there is shown a high- 
5 level block diagram illustrating an exemplary 

architecture of a digital audio and video (e.g. MPEG 
compliant) set-top box (STB) chip 100. It should be 
appreciated that while the architecture depicted is 
generally known to those skilled in the art, no 
10 portion of Figure 1 is admitted to be prior art in 

regard to the present invention. Further, it is a 
;S meritorious effect of the present invention that it 

1/1 may be implemented within the architecture of Figure 

'i : ; 

:jS 1 without significant modification thereof. 

n 15 Accordingly, at the level of abstraction with which 

'J Figure 1 is arranged, Figure 1 is also illustrative 

,7* of the preferred architecture with which the 

O invention may be implemented. 

Many of the functional elements of the STB chip 
y 20 architecture 100 will be familiar to those skilled 

^ in the art and need not be discussed in connection 

with the invention. It is sufficient to convey an 
understanding of the invention and to enable 
practice thereof to note that the MPEG transport 
25 stream is input thereto and demultiplexed at 

demultiplexer 110 where it is converted to a 
compressed and encoded, preferably packet ized 
elementary stream (PES), format. These signals are 
placed on a PLB bus 115 and provided to cross-bar 
30 switch (CBS) 120 and stored in memories 130, 140 

under control of respective memory controllers 135, 
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145 responsive to host processor 200 communicating 
to the memory controllers through CBS 120, as well. 

It is important to an understanding of the need 
for the invention that a port may be provided on the 
5 STB for outboard mass data storage such as hard disk 

drive (HDD) 150. If not provided externally (e.g. 
if the HDD is provided internally of the STB) , a 
similar port may be provided by a simple and 
possibly unauthorized modification of the STB, 

10 allowing recordings to be made on replaceable and 

transportable storage media. Therefore, any data to 
be protected must be encrypted. 

Then, in substantially real time or under user 
control, the data is fetched from memories 130, 140 

15 and/or 150 (generally from 150) , using 130 or 140 as 

a demultiplexing buffer, separated into audio and 
video streams and decrypted, if necessary, at 
demultiplexing buffer 130 or 140. The audio and 
video signals are then decompressed and decoded into 

20 decompressed raw digital data at decoders 160 and 

170, respectively. The video signal is then encoded 
into a standard analog formal (e.g. PAL or NTSC) by 
digital encoder (DENC) 180 processing on the chip 
while digital to analog conversion of the audio 

25 signal is generally provided off -chip. The 

respective analog video and audio signals are then 
provided to a television set or monitor 190 for 
presentation to the user. 

It is important to an understanding of the 

3 0 invention to note that continuous audio/ video 

program content is articulated in memory queues of 
preferably fixed size in memories 130 or 140 until 
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ready to be transferred to mass storage 150. A 
memory queue is also further articulated or 
structured in blocks (sometimes referred to as sub- 
blocks to distinguish from a larger block 
5 accumulated therefrom for storage) of fixed size. 

For example, a 1 Meg memory queue may contain video 
blocks of 64 KBytes each or audio blocks of 512 
Bytes each. Data in a block within a memory queue 
may be comprised of audio data or video data but not 
10 both. An exemplary 1 Meg memory queue is 

illustrated in Figure 2 with brackets indicating 
audio and video blocks for clarity but it is to be 
y understood that in practice audio and video packets 

fji in such blocks are interleaved. While the following 

15 discussion will assume memory queues and data blocks 

Sec 

q of given size(s) for clarity, it should be 

& 1 understood and kept in mind that the practice of the 

™ ? invention does not rely on any particular data block 

D size and any size block and any combination of data 

20 block sizes within a memory queue of any size can be 

readily accommodated. 

Referring now to Figure 3, operation of the 
invention within the architecture of Figure 1 will 
now be explained. The operations to be described 
25 below are principally carried out by host processor 

2 00 which can be suitably programmed without 
contributing to the processing burden of either the 
MPEG processing or the dedicated processor alluded 
to above. The invention employs virtual scrambling 
30 of data by encryption of the file allocation table 

(FAT) as the data is stored to a mass storage 
device. For this reason, all functions can be 



it s 
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carried out by a memory subsystem (e.g. DMA) under 
minimal control from host processor 200 and can be 
applied to any or all transfers of data between 
memory 140 and 150 while isolating such application 
5 of encryption from control by the user. 

It should be understood that the processing 
b of control of the memory controllers is 
sufficiently light that the dedicated processor can 
be usefl without compromise of other desired 
10 functions and such use may provide simplification of 

some otAer functions such as scanning the program 
content for particular locations, as discussed in 
concurrently filed U. S. Patent applicaction S. N. 

Ill 09/ , V (Docket No. END000009US1) assigned to 

jt; 15 the assignee of the present invention and hereby 

g fully incorporated by reference. Alternatively, an 

Oj additional processor can be provided at relatively 

] a little expense since processing requirements for 

Q control of the\ memory controller 135 is minimal to 

Jfi 20 provide encryption without modification of the full 

ij] granularity of tthe data in accordance with the 

O invention. 

Each memory queue is processed in turn 
beginning with a first memory queue of program 
25 content. Data or a flag anywhere within a header 

associated with the first data block of transmitted 
data can be used to invoke the invention for 
encryption of the entirety of any program and 
maintain the protection with any and all copies of 
30 the program content that may be made. By the same 

token, a flag or other data in a first memory queue 
of an encrypted copy of the program content can 
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invoke the invention to provide decryption on the 
same STB upon playback. 

At step 310 of Figure 3, a memory queue (e.g. 1 
MB of data) is processed to determine the number of 
5 blocks therein. Block size is of no consequence in 

this processing which may be as simple as counting 
the number of block headers in the memory queue 
being encrypted. The memory queue can be 
arbitrarily divided into blocks of any convenient 
10 size, as depicted at step 315 as long as audio and 

video data are segregated into respective data 
blocks as discussed above and the memory queue can 
be of any convenient size. 
Ln Assuming a block size of 64 KB, an exemplary 

j^J 15 articulation of a memory queue is depicted in Figure 

q 4. (Seven blocks are shown as a matter of 

^ convenience and to indicate the number of blocks is 

arbitrary. Ordinarily sixteen 64 KB data blocks 
D would be provided in a 1 Meg memory queue.) Based 

^ 20 on the number of blocks found in the memory queue, a 

y counter, generally provided in a memory controller, 

5 is set, as depicted at step 320. The value with 

*'** which the counter is set represents the total number 

of blocks within the memory queue but the value may 
25 or may not equal the number of blocks (e.g. an 

offset may be provided) . Each data block is then 
assigned a sector number (or write order generated 
at step 325 as determined by a key (e.g. key 1) 330 
in accordance with an algorithm, system ID, STB ID, 
30 etc., as desired but should be unique to the STB or 

effectively so. 

Each data block header is then updated to 
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include the assigned sector number as indicated at 
33 5 as is generally provided by host processor 200; 
the difference from normal operation of a host 
processor at this point being derived from the 
5 setting of the counter and the encryption, in 

accordance with key 1, of the sector number 
assigned. That is, at this point, the data in the 
queue remains in order but has been "virtually" 
scrambled out of order based on key 1. The 
10 encryption of the sector numbers thus causes the 

physical pointing to non-sequential sectors when the 
data is written to mass storage 150. 

Next, entries in a local copy of the FAT in 
ry 13 0 are allocated for data blocks to be 
15 writton to mass storage 150 at the sector location 

indicated in the header of each data block as shown 
at steA 340. Non-sequential entries may be selected 
based oA key 2 330' which may be and preferably is 
the sameVas key 1. The data blocks are then written 
20 to the sebtors indicated in their respective headers 

(step 345)\ with the storage of each block being 
followed h\ incrementing of the counter (step 350) , 
updating ofythe FAT in memory and repeating steps 
340, 345 and\350 for each data block until the 
25 counter indicates that all data blocks in the memory 

queue have heen stored to mass storage 150 (step 
360), looping as indicated at 365. Then, as 
depicted at steA 360, the FAT is encrypted with key 
3 330' 1 which, again, is preferably the same as key 
30 1. The encrypted \fat is then written to mass 

storage 150, the next memory queue is called as 
indicated at steps ^80 and 390, respectively and the 
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process repeated/^looping to step 310. 

During playback, decryption is performed by 
decrypting the FAT retrieved from mass storage 150 
in accordance with key 3 and then simply reading the 
5 data blocks from non-sequential sectors; thus 

avoiding any need to decrypt the data itself and 
avoiding the data processing burden thereof. The 
sector number in the header may, however, be 
decrypted in accordance with key 1 to assure correct 
10 reassembly of the memory queue. 

It should be noted that in the case of an STB 
storing data for later playback on the same STB, 
only one key is required and is maintained only 
within the STB. Therefore, key 1 (and keys 2 and 3, 
15 as well, if different) are kept private within the 

O STB and may be adequately protected by simple 

hardware and software safeguards therein. The lack 
of a need to share keys between devices in this 
□ circumstance avoids any need for complex 

S . : 

I™ 20 authentication processes while assuring that a copy 

yj made on a given STB can only be replayed on the same 

y STB. In addition, the key(s) and 

encryption/decryption software can be updated in the 
field through downloads using the MPEG transport 
25 stream itself for distribution. By the same token, 

a different STB can be enabled to play back the 
recorded copy of the data by downloading of a key 
corresponding to the authorized STB upon suitable 
authorization from the data provider. Thus, 
3 0 transfer of copies between STBs can be effectively 

controlled and limited while allowing great 
flexibility of service from the data provider. 
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In view of the foregoing, it is seen that the 
invention provides for simplified encryption 
adequate to protect data from unauthorized access 
without requiring any additional hardware and very 
5 minimal additional processing overhead. The minimal 

processing is provided by the host processor 200 
through simple manipulation of a counter and sector 
address transformation at memory controller 140. 
The minimal software encryption/decryption algorithm 
10 also facilitates downloading over an MPEG compliant 

system. Once the key(s) and/ or 

encryption/decryption software are downloaded, they 
remain private to the STB and are adequately 
protected by simple safeguards against user access. 

15 Default key(s) may be provided unique to specific 

STBs in any number of ways such as ROM, EEPROM 
jumpers and the like. No decryption burden is 
imposed upon playback, thus further reducing 
processing burden and facilitating operator control 

20 of the playback process and responsiveness of the 

STB to such user control. 

While the invention has been described in terms 
of a single preferred embodiment, those skilled in 
the art will recognize that the invention can be 

25 practiced with modification within the spirit and 

scope of the appended claims. 



END000010US1 (00240076AA) 



